COMPUTING INFRASTRUCTURES TO SUPPORT CYBERSECURITY
EDUCATION
Author Name(s)
Affiliation
Email addresses
(10-point type size, upper and lower case, centered under the title.
These should be left blank in the initial submission!)
ABSTRACT
Over the past decade, attention on cybersecurity awareness
has spurred academic institutions across the nation to
develop and integrate various security-related tracks to the
undergraduate computer science curriculum. As
cybersecurity education emphasizes hands-on learning
activities, significant efforts have been expended in
developing and publishing course materials that satisfy
these requirements. These materials cover a wide range of
topics and require significant computing infrastructure
support. At large institutions with emphasis on research
activities, there are redundant facilities to provide students
with an isolated environment where they have access to
adequate infrastructures and personnel support from
teaching assistant and professional IT staff. These
resources are not always available for regional teaching-
oriented institutions. In this paper, we discuss our recent
experience at West Chester University in utilizing various
local and national infrastructure to teaching computer
security in different courses at different levels.
KEY WORDS
Computer security, computer education, computing
infrastructure, cloud computing, CloudLab, XSEDE.
1. Introduction
The creation of the National Initiative for Cybersecurity
Education [1] and the two National Center of Academic
Excellence (CAE) programs in Cyber Defense and Cyber
Operations [2] has signaled an official focus of national
efforts to the promotion of cybersecurity awareness
through education, training, and workforce development.
This has resulted in a rapid growth of various security-
related educational components at academic institutions
across the nation, with 182 colleges and universities
already acquired CAE in Information Assurance
Excellence designation by 2014 [3].
One critical component of cybersecurity education is the
inclusion of hands-on learning activities. In [4], the
Department of Homeland Security recommended
improving qualifying criteria for its CAE programs to
promote the addition of more hands-on content. This
presents a challenge to academic institutions in balancing
between training, which requires more practical contents,
and education, which requires more theoretical contents.
This balance is most notable at institutions that provide 4-
year bachelor degrees and Masters degrees [5]. As a result,
recent literature in developing and publishing courses for
cyber-security focuses on the developments of lab-based
materials that can illustrate fundamental computer security
concepts using hands-on learning activities on various
relevant computing infrastructures. The adaptation and
integration of these materials, in many cases, requires a
close replication of host institutions’ infrastructures. For
teaching institutions with limited resources, this represents
a significant challenge.
In this paper, we discuss our recent experience
incorporating hands-on learning activities in different
computer security courses with the utilization of various
local and national computing infrastructure. The remaining
of the paper is as follows. Section 2 provides a brief
overview of previous work in cybersecurity educational
contents, with a focus on how the accompanying
computing infrastructures differ over time. Section 3
describes the settings and materials for cybersecurity
courses at West Chester University. Section 4 presents
different approaches in provisioning computing
infrastructures for students in these courses. We discuss the
teaching experience, challenges, and student feedback in
Section 5. Section 6 concludes the paper and elaborates on
future work.
2. Related Work
Cybersecurity education literature typical follows several
major approaches in providing computing resources for
hands-on activities. In the first approach, students have
direct access to a physical compute resource, which could
be a personal computer (PC) or a shared network of
computers. In [6], the authors described the most preferred
laboratory exercises as ranked by students for introductory
cybersecurity courses at two liberal-arts colleges. These
exercises cover areas such as cryptography, network
monitoring and analysis, secure connection, network
security configurations, and network programming.
Exercises in the area of cryptography are doable on
students’ PC, and others in a dedicated computer lab.
Laboratories with focus on network security, including
eavesdropping attacks, dictionary attacks, SSL usage, man-
in-the-middle attacks, and firewalls/VPN were described in
[7]. The accompanying computing infrastructure was
consisted of four computing clusters, each of which had
three individual computers. In the paper, the authors
describe having eight students per cluster as adequate. The
work of [8] described an extensive laboratory network that
enables various advanced network security exercises
including network mapping and sniffing, vulnerability
assessment, rootkit analysis, backdoors, honey pot, and
worms. Students were also provided with removable hard
drives that could be detached and taken home at the end of
the labs.
The rise of virtual technologies, particularly virtual
machines, has enabled the second approach for
provisioning computing environment for cybersecurity
education [9]. One example of this approach is the SEED
Lab [10], which provides an extensive suite of security labs
based on pre-made VMs. Students can download and
deploy these VMs directly on their laptops to set up these
labs. The creation of large-scale virtual networks such as
Emulab [11] across a federation of institutions gives rise to
platforms such as Deter-Lab [12], which supports virtual,
isolated environments for network-related security
courses. In recent years, the wide spread availability of
public and private cloud computing infrastructures also
contribute to a variety of new course materials [13-14].
The above overview demonstrates that while there exists a
wide variety of contents for cybersecurity education, these
contents are also designed and customized for specific
computing infrastructures. It is critical for instructors to
adapt materials such that the corresponding infrastructure
requirements are suitable and sustainable at the local
institution.
3. Educational Settings
At West Chester University, the cybersecurity career track
includes three courses that directly cover cybersecurity. In
CSC 301, students learn about basic topics in computer
security and the ethical underpinnings of security. CSC
302, Computer Security, introduces critical and diverse
topics in general computer security. Topics in computer
security (CSC 497/583) is a topic course cross-listed both
at undergraduate and graduate level that focuses on specific
advanced security problems. The actual topic is going to be
announced at the time of offering. Currently, we offer two
topics: software security and modern malware analysis.
The majority of hands-on activities in computer security
are covered in CSC 302 and CSC 497/583.
3.1 CSC 302 – Computer Security
CSC 302 is taught in two sessions, each of which covering
different aspects of cybersecurity, including security
principles, concepts (software, system, and network
security and cryptography), components, and architectures.
It is not a required course for computer science major
students. However, it is a required course for the computer
security certificate, which is accredited by NHS/DHS’
National Centers of Academic Excellence program.
Prerequisites for CSC 302 includes CSC 301 Computer
Security and Ethics, and three Java courses (CSC 141, CSC
142, and CSC 240). In addition to learning about ethical
issues related to cybersecurity, students in CSC 301 also
learn authentication, attack models, access control,
malware, risk analysis, intellectual property, information
warfare, and security issues in distributed systems, such as
database, email, payment systems, social networking, and
cloud computing. By finishing all java courses, students are
capable of writing programs with generics, inheritance, and
master all linear data structures such as Array, Array List,
and Linked List. At the same time, the core prerequisite
courses do not always provide students with Linux system
administration skills and experience in working with a
command line interface.
3.1.2 Sessions 1 of CSC 302:
This session of CSC 302 covers topics in network security,
system security, and cryptography. The major hands-on lab
in this session, called game-below, involves several teams
trying to gain administrative access on computers
administered by other teams. The intent of this game is to
give students greater insight and understanding into the
nature of computer security issues by allowing them to act
as both “hackers” and “administrators” in a live network
environment. The entire environment in which this game
takes place is known as the sandbox. Students are divided
into eight teams, with four students per team for this lab.
The teams have three major tasks, which spread throughout
the semester.
The first task is for each team to set up their own server in
the sandbox. This requires Linux system administration
skills. The teams are able to choose and install their own
Linux distribution on a server and deploy it in the sandbox.
At a minimum, this server must support SSH, Web service,
and Mail service. The instructor offers extra credits for
additional security services such as two-factor
authentication, flash, firewall, and SQL server.
In the second task, the team begins their exploration of the
sand box and attempt to gain unauthorized access to
systems belong to the other teams. While doing these
activities, the students also need to avoid detection while
engaging in these activities. The second task will be carried
out at the same time as the third task.
The third task is to defend and maintain each team’s
individual system. As part of this task, each team is to set
up and observe their own activity monitoring mechanisms.
Through the monitoring logs, if an attack is detected, the
defending team is responsible for carrying out a proper
respond. During the process, if there is any security related
updates for the Linux distributions or installed software
component released. It should be noted that as part of the
rules, all students have standard user accounts on every
other teams’ systems. Therefore, the defending team needs
to discern between normal authorized activities and
unauthorized attempts to gain entry to the system.
Students are to maintain rigorous documentation for all
activities related to the three tasks. More specifically, they
are to provide detailed descriptions regarding their own
exploits as well as detection of other teams’ exploits. A
final written report and in-class presentation accounts for a
significant part of the course’s final grade.
3.1.2 Sessions 2 of CSC 302:
The second session of CSC 302 focuses on software
security and web security. The hands-on lab materials are
from the SEED lab series [10]. Taking into consideration
the lack of Linux experience and C programming
knowledge, introductory and hands-on practices for these
topics are interleaved between the security lectures and
labs. For software security, the session covers set-uid,
environment variables, buffer overflow, and return-to-libc
attacks. The topics selected for web security are cross-site
request forgery, cross-site scripting, and SQL injection.
While the lab materials are provided by SEED, the
accompany VM is limited at 32-bit with a older distribution
of Ubuntu (16.04). To help students in understanding the
technical aspects the lab, an additional team project is
assigned. In this project, students are to first re-implement
the lab in a 64-bit Ubuntu 18.04 VM. More specifically,
they are to implement the set-uid and environment
variables lab and then to select an additional lab from either
software security or web security for re-implementation.
To be able to create the memory-based vulnerabilities in
the new 64-bit environment, students will have to leverage
their understandings of the SEED materials for the 32-bit
VM and apply them to the new 64-bit architecture.
Similarly, in web security, the students will need to
understand aspects of the web software stacks in the SEED
VM that lead to the existence of the exploits for
reimplementation purposes. Next, students are to automate
these implementations so that their VM can be dynamically
deployed in CloudLab, an academic cloud computing
environment [15].
3.2 CSC 497/583 – Topics in Computer Security
Topics in computer security (CSC 497/583) is a free
elective course for students major in computer science.
This course carried a prerequisite of computer organization
(CSC 242) that teaches the basics of assembly language, C
programing language, bitwise operations and the concept
of pointers. The expected demographic for this course is
students with basic programming concepts, familiarity
with Unix/Linux including command-line shell and gdb,
and with web programming concepts.
3.2.1 Topic in Software Security
The primary objective of the software security course is to
let students understand how to assess software
vulnerability; this process includes learning how to dissect
an application, discover security vulnerabilities, and assess
the danger each vulnerability presents. The course focuses
on teaching practical offensive security skills in binary
exploitation and reverse engineering through a
combination of interactive lectures, hands-on labs, and it
also offers students an opportunity to explore the state-of-
the-art subjection in both the industry and academic world.
Software security course is first covering the legal aspects
of reverse engineering, assembly language for IA-32
compatible processors, vulnerability analysis, and Linux-
based ELF program exploitation. It will then transition into
several protection mechanisms found on modern systems
(e.g., DEP, ASLR, Canaries, PIE) and the techniques used
to defeat them. The course also covers other subjects in
exploitation including advance heap exploitation and
kernel-land exploitation.
3.2.2 Topic in Modern Malware Analysis
The primary objective of the modern malware analysis
course is to let students learn how to detect, analyze, and
eradicate malware since it becomes an increasingly
important issue of economic and national security. The
course introduces students to malware analysis techniques
through lectures, readings and hands-on interactive
analysis of real-world samples. Students should be able to
analyze contemporary malware using both static and
dynamic analysis after taking this course.
In the modern malware analysis course, we first covered
the basic concepts of malware analysis, including the
experiment environment setup, debugging concepts and
tools, definition of static analysis and dynamic analysis,
and PE/ELF format. Then we move on to study the
malicious activities, techniques, and countermeasures
(e.g., DLL Injection, API Hooking). We also discuss some
rootkit techniques including packing, patching, and direct
kernel object manipulation.
4. Supporting Infrastructures
The varieties in contents of the security courses described
in Section 3 led to different infrastructure requirements for
students’ learning activities. These infrastructures include
virtual machines deployment on individual students’
laptop, on-site computer networks, and cloud computing
environments.
4.1 Session 1 of CSC 302
In this session, students have access to a sandbox
infrastructure consisting of eight computing servers,
connected through an Ethernet switch. The instructor
commands one additional machine to manage and oversee
the sandbox. The sandbox itself is deployed within a CS-
specific computer lab, with a portion of the physical
machines in this lab is dedicated to the sandbox. Students
not enrolled in the session are not allowed to use these
machines during the semester. The overall architecture of
the sandbox is shown in Figure 1.
Figure 1. Sandbox Infrastructure
4.2 Session 1 of CSC 302
For the SEED labs, students downloaded the original VM
to run on their laptop using VirtualBox. To help integrating
lecture materials and lab materials, an additional
component was added to the VM. The students were to
download and install Anaconda inside the VM. Next, they
launched a Jupyter server from inside the VM and
forwarded the port to the host laptop. With the lecture
contents and lab activities converted to Python Jupyter
notebooks, students could access the lab environment
inside the VM and the lecture materials through a web
browser.
Funded by the National Science Foundation in 2014,
CloudLab’s goal is to provide researchers with a robust
cloud-based environment for next generation computing
research [15]. These resources are distributed across
several U.S. institutions. As of August 2018, CloudLab
boasts an impressive collection of hardware. At the Utah
site, there was 785 nodes, including 315 with ARMv8, 270
with Intel Xeon-D, and 200 with Intel Broadwell. The
compute nodes at Wisconsin included 270 Intel Haswell
nodes with memory ranging between 120GB and 160GB
and 260 Intel Skylake nodes with memory ranging between
128GB and 192GB. At Clemson University, there are 100
nodes running Intel Ivy Bridges, 88 nodes running Intel
Haswell, and 72 nodes running Intel Skylake. All of
Clemson's compute nodes have large memory (between
256GB and 384GB), and there are also two additional
storage-intensive nodes that have a total of 270TB of
storage available.
In order to provision resources using CloudLab, a
researcher needs to describe the necessary computers,
network topologies, start-up commands, in a resource
description document. CloudLab provides a graphical
interface inside a web browser that allows users to visually
design this document through drag-and-drop actions. For
large and complex profiles, this document can also be
automatically generated via Python in a programmatic
manner. Starting Fall 2017, CloudLab supports a direct
integration between publicly readable git repositories and
their profile storage infrastructure. This significantly
minimizes the effort needed to modify existing profile
while still maintaining a complete history of previous
changes.
4.3 CSC 497/583
For the software security course, we have created a virtual
machine disk image that runs the Manjaro Linux system
which has all the tools, challenges, and coding libraries.
Students need to download the image and import it to their
computer via VirtualBox (or VMware). We also set up a
remote server with Ubuntu Linux, and Docker; creates a
capture-the-flag (CTF) environment for labs and the final
project. The student can connect to the remote server
through a Python script, and the goal is to reveal the secret
stored in a file.
For the modern malware analysis course, we decided to set
up a Windows XP 32-bit virtual machine. However, unlike
the Linux system, the Windows system is not free; thus we
cannot distribute this VM to the student. Instead, we
provide a comprehensive list of tools and installers that we
used throughout the course. All the labs can be done in the
Linux environment by choosing a cross-platform Python
library.
5. Teaching Experience, Challenges, and
Student Feedback
Since CSC 302 and CSC 495/583 are elective courses,
students enrolled in these courses came with different
technical background. As a result, students’ learning
experience, challenges, and course feedback varied across
the courses and the sessions.
5.1 Session 1 of CSC 302
One of the authors have taught Session 1 of CSC 302 for
three semesters. The assigning of game enables students to
learn using a project-based learning approach. Recognizing
the fact that many students are not familiar with Linux, the
instructor first sent out a survey with Linux and networking
related questions and then use the results of the survey to
divide students into groups with similar aggregated level of
technical skills. The instructor made sure that at least one
student is very familiar with Linux and one or two of them
has/have working knowledge about Linux.
In the first semester, the instructor prepared and taught the
class under an ideal assumption that as long as adequate
directions were provided, students would engage in the
project and learn by themselves. However, it turned out to
be not the case. The instructor received feedback for both
logistic and technical issues. Logistic issues mainly
focused on time and collaboration. Although enrolled
students in this semester were at junior and senior level,
they complained about not having enough classroom time
for the project. This was contradictory to the intention of
the project, which was to be done after the class in lieu of
homework assignments. Some group also complained
about team-members do not show up, etc.
They also have more technique issues than expected. One
of the primary learning activity for students in the first task
is to research through different Linux systems, select one,
and following online documentation to install the machine.
Several groups emailed the instructor to require explicit
instructions regarding the installation of Linux operating
system. There had also been requests for in-class
demonstrations of this process. Similar issues happened
with the installation and configuration of the required
services such as SSH, Web, and Email servers. Fluency in
programming techniques, which came from the
prerequisites, did not translate into experience with system
administration knowledge. For example, students could
quickly create and publish a web page, but not able to setup
the corresponding web servers. During the intrusion and
defend stage of the second and third tasks, the most
common feedback was that the students could not
understand and find out what type of tools they can use to
defend and attack. As a result, several teams never
attempted any intrusion, and there was no meaningful
intrusion detection and defend. The lack of prior
experience in Linux was emphasized in many feedback that
the instructors received.
While the purpose of the sandbox is to promote free
exploration in order to facilitate attacks and defends, the
feedback highlighted typical students’ hesitation in
navigating a fully project-based learning environment and
their preference for step-by-step instructions. Taking this
into account, the instructor adjusted the course’s structure
to provide students with more gradual support.
In the subsequent semester, the instructors enacted a
number of changes to better coordinate the project
activities. While the project still pushed students to
research and explore the system and network security,
there are more support structures in the materials. First, the
entire game was divided into three complete stages, and
there was one checkpoint for each stage to make sure
everyone got the minimum requirement. Second, the
instructor provided an initial reference list of intrusion and
defend tools for the students. The list does not include
installation, configuration, and usage documentation. As a
result, if students decided to follow the list, they will need
to perform research on how to use them. Furthermore, they
can also use this list as a reference point for additional
tools. Third, each group was to submit a game plan to
illustrate the responsibilities for each team members and
the time line for their implementation. Finally, the
instructor presented and emphasized the teaching/learning
approach for the class, which required two concurrent
thrusts on concepts and technology. The lecture time
focused on the conceptual parts, which illustrate how to
solve problem. The project and homework were
implementations that use certain technology to solve the
real problem. Those technologies change all the time, and
students are responsible to this knowledge on their own
with some assistance such as an introduction lecture that
provided during the lecture time. These changes resulted in
an improved experience for both students and instructor in
the following two semesters, although there are still
students that ask for systematic instruction on how to do
the lab.
Throughout the three semesters, the dedicated on-site local
computers for this session enabled students to have a stable
computing environment for the course’s projects and
assignments. However, working with this infrastructure
encountered several administrative challenges. One
challenge having to do with reserving the individual
computers within the computer lab. To ensure no external
interference, the instructor isolated the selected computers
and placed a semester-long hold on these computers. This
inadvertently reduced the number of laboratory computers
available to other students. The setting of the room itself
was also not conducive to team-based activities, as students
struggled to find seating space around their team’s
computer. In the long term, this represented a scalability
issue for increasing the instances of this session for the
course. Second, even if other students do not use the
reserved servers, they may use the Ethernet cables, which
disable students in CSC 302 from remote login.
5.2 Session 2 of CSC 302
This session of CSC 302 was taught for the first time in
Fall 2018. Learning from the experience in Session 1, the
instructor for this session also provided a series of
supporting materials that aimed to introduce students to the
Linux environment and C programming. Instructions on
setting up the Python’s Anaconda environment, Jupyter
server, and port forwarding were provided with the goal to
ease students into working with. While students’ feedback
was positive, interesting technical challenges arose with
the usage of the SEED VM.
The instructors observed that students in the class had
different personal laptops, many of which were older
models. As the uncompressed SEED VM required more
than 12GB in size, several students struggled to find
enough disk space to decompress and setup the VM. The
age of the hard drive also impacted the integrity of the VM,
and throughout the semester, the class encountered
instances when the VM file corrupted, resulting in having
to download and setup the computing environment again.
Even with SEED’s consideration regarding the hardware
configuration of the VM (1 core and 1GB of memory),
students experienced lag in working with the VM,
particularly for the web security exercises.
After the first half of the semester working on a local VM,
the introduction of the CloudLab-based project was
actually well received by the students. As CloudLab
provided a significantly better hardware performance,
students were able to smoothly deploy and work on their
individual VM regardless of their individual laptops’
configurations. Near the end of the semester, the instructor
also attempted to introduce two network security exercises
regarding packet sniffing and spoofing. Without having
reserved a prior laboratory, the instructor deployed an
online environment in CloudLab [17]. This environment
allows the instructor to specify a number of VMs
corresponding to the number of students, set up and equip
the VMs with relevant software packages and source codes
for the lectures, and deploy them on CloudLab. The entire
process took approximately thirty minutes and was done
prior to the start of the class.
5.3 CSC 497/583
Students came into CSC 497/583 near the end of the
undergraduate career or at the graduate level. Therefore,
issues related to prior experience working with Linux were
rare. The instructor for CSC 497/583 observed several
advantages and disadvantages in using local VM in this
course.
5.3.1 Advantages
The use of local VM provided students with a safe, reliable,
and consistent experiment environment. It was easy to use
and students did not need to set up the initial Linux
environment by themselves. This was especially important
as many tools and libraries in the Linux environment are
not easy to compile and install and require the student to
have some level of debugging skills when facing with
compiling error. Second, the local VM provided a GUI
interface to the students, thus reducing the learning curve
to the student who is not familiar with command line
operation. Third, the local VM is cross-platform, and it
supports both the Windows and Linux system, which is
ideal for studying various binary file structure on the
different operating system (e.g., PE and ELF format). Last
but not least, the VM software provided snapshots which
guarantee to revert the VM to an earlier state completely.
This feature is extremely useful for the student who studied
the malware analysis course.
5.3.2 Disadvantages
First, some students have faced compatibility issues when
installing and using the local VM. Si found that some
laptop does not enable the VT-D feature in their BIOS
settings by default and therefore cannot boot up the VM
image. Moreover, some laptop with NVidia graphics card
and runs Linux Mint system needs to manually disable
secure boot to install VM software (e.g., VirtualBox).
Second, the Chromebook operating system does not
support installing and running the local VM software.
Students who own Chromebook have to use remote secure
shell to connect to a remote Linux server and setting up
everything by their own. These compatibility issues make
student feel discourage or frustrated and may fall behind.
5. Conclusion and Future Work
In this work, we highlighted our experience using various
computing infrastructures in cybersecurity courses. These
infrastructures included on-site local network of
computers, VMs installed on students’ personal laptops,
and computing environments deployed in the cloud. The
former two presented various logistical, technical, and
administrative challenges in ensuring a seamless and
transparent hands-on learning environment for students.
Early experience in the last approach using CloudLab, a
national computing infrastructure, was positive and
provided indications that cloud computing environments
like CloudLab can provide significant support for teaching
cybersecurity courses.
At the same time, using a cloud-based infrastructure is not
without its hurdles. It places a burden on the instructor to
install, configure, and deploy the environment, with the
added caveat of having to learn how to work with a cloud
provider. CloudLab is a research-based environment, and
thus is not appropriate for scenarios where a dedicated
infrastructure needs to be maintained throughout the
semester. To address these challenges, the authors are
pursuing future work in preparing cloud profile templates
to help with automated installation and configuration and
exploring additional resources, including the JetStream
Cloud infrastructure inside XSEDE (Extreme Science and
Engineering Discovery Environment) for provisioning
sustained infrastructure.
4. Acknowledgements
The hands-on project in session 1 of CSC 302 borrows
the game administration plan that was developed for
the previous graduate security course (CPSC665) in
Computer Science Department at Texas A&M
University. Thanks Dr. Udo Pooch and Dr. Bin Lu for
their generous help in the development of this game.
They will be always remembered.
References:
[1] Paulsen, C., McDuffie, E., Newhouse, W., & Toth, P.
(2012). NICE: Creating a Cybersecurity Workforce and
Aware Public. IEEE Security & Privacy, 10(3), 76-79.
[2] Sobiesk, E., Blair, J., Conti, G., Lanham, M., & Taylor,
H., Cyber education: a multi-level, multi-discipline
approach. Proc. 16th ACM Annual Conference on
Information Technology Education, Chicago, IL, 2015, 3-
47.
[3] McDuffie, E. L., & Piotrowski, V. P., The future of
cybersecurity education. IEEE Computer, 47(8), 2014, 67-
69.
[4] DHS Task Force on CyberSkills, CyberSkills Task
Force Report, D.o.H. Security, Editor. Washington, DC,
2012, 1-41.
[5] Conklin, W. A., Cline, R. E., & Roosa, T., Re-
engineering cybersecurity education in the US: an analysis
of the critical factors. Proc. 47th IEEE International
Conference on System Sciences (HICSS), Big Island, HI,
2014, 2006-2014.
[6] Weiss, R., Mache, J., & Nilsen, E., Top 10 hands-on
cybersecurity exercises. Journal of Computing Sciences in
Colleges, 29(1), 2013, 140-147.
[7] Brustoloni, J. C., Laboratory experiments for network
security instruction. Journal on Educational Resources in
Computing (ACM Transactions on Computing Education),
6(4), 2006, 5.
[8] Abler, R. T., Contis, D., Grizzard, J. B., & Owen, H. L.,
Georgia tech information security center hands-on network
security laboratory. IEEE Transactions on Education,
49(1), 2006, 82-87.
[9] Bullers Jr, W. I., Burd, S., & Seazzu, A. F., Virtual
machines-an idea whose time has returned: application to
network, security, and database courses. ACM SIGCSE
Bulletin 38(1), 2006, 102-106.
[10] Du, W., SEED: hands-on lab exercises for computer
security education. IEEE Security & Privacy, 9(5), 2011,
70-73.
[11] Stoller, M. H. R. R. L., Duerig, J., Guruprasad, S.,
Stack, T., Webb, K., & Lepreau, J., Large-scale
virtualization in the emulab network testbed. Procs
USENIX Annual Technical Conference, Boston, MA,
2008.
[12] Mirkovic, J., & Benzel, T., Teaching cybersecurity
with DeterLab. IEEE Security & Privacy, 10(1), 2012, 73-
76.
[13] Salah, K., Hammoud, M., & Zeadally, S. Teaching
cybersecurity using the cloud. IEEE Transactions on
Learning Technologies, 8(4), 2015, 383-392.
[14] Park, Y., Hu, H., Yuan, X., & Li, H. Enhancing
Security Education Through Designing SDN Security Labs
in CloudLab. Procs 49th ACM Technical Symposium on
Computer Science Education, Baltimore, MD, 2018, 185-
190.
[15] Ricci, R., Eide, E., & CloudLab Team, Introducing
CloudLab: Scientific infrastructure for advancing cloud
architectures and applications. ; login:: the magazine of
USENIX & SAGE, 39(6), 2014, 36-38.
[16] Watson, J., Virtualbox: bits and bytes masquerading
as machines. Linux Journal, 2008(166), 2008, 1.
[17] Ngo, L., SEEDCloud.
https://github.com/linhbngo/SEEDCloud, 2019.
[18] Towns, J., Cockerill, T., Dahan, M., Foster, I., Gaither,
K., Grimshaw, Hazlewood, V., Lathrop, S., Lifka, D.,
Peterson, G.D., & Roskies, R. XSEDE: accelerating
scientific discovery. Computing in Science & Engineering,
16(5), 2014, 62-74.